linux/drivers/media/v4l2-core
Hans Verkuil e752577ed7 [media] v4l2-mem2mem: drop lock in v4l2_m2m_fop_mmap
The v4l2_m2m_fop_mmap function takes the core mutex, but this will result in a potential
circular locking dependency:

[  262.517164] ======================================================
[  262.517166] [ INFO: possible circular locking dependency detected ]
[  262.517169] 4.2.0-rc2-koryphon #844 Not tainted
[  262.517171] -------------------------------------------------------
[  262.517173] v4l2-compliance/1379 is trying to acquire lock:
[  262.517175]  (&dev->dev_mutex){+.+.+.}, at: [<ffffffffa000ddab>] v4l2_m2m_fop_mmap+0x2b/0x90 [v4l2_mem2mem]
[  262.517187]
               but task is already holding lock:
[  262.517189]  (&mm->mmap_sem){++++++}, at: [<ffffffff81159309>] vm_mmap_pgoff+0x69/0xc0
[  262.517199]
               which lock already depends on the new lock.

[  262.517202]
               the existing dependency chain (in reverse order) is:
[  262.517204]
               -> #1 (&mm->mmap_sem){++++++}:
[  262.517209]        [<ffffffff810d0e6b>] __lock_acquire+0x62b/0xe80
[  262.517215]        [<ffffffff810d2095>] lock_acquire+0x65/0x90
[  262.517218]        [<ffffffff811612e5>] __might_fault+0x75/0xa0
[  262.517222]        [<ffffffffa06dead9>] video_usercopy+0x3e9/0x4e0 [videodev]
[  262.517231]        [<ffffffffa06debe0>] video_ioctl2+0x10/0x20 [videodev]
[  262.517238]        [<ffffffffa06d8663>] v4l2_ioctl+0xc3/0xe0 [videodev]
[  262.517243]        [<ffffffff811a8cac>] do_vfs_ioctl+0x2fc/0x550
[  262.517248]        [<ffffffff811a8f74>] SyS_ioctl+0x74/0x80
[  262.517252]        [<ffffffff81a4d2ee>] entry_SYSCALL_64_fastpath+0x12/0x76
[  262.517258]
               -> #0 (&dev->dev_mutex){+.+.+.}:
[  262.517262]        [<ffffffff810cf464>] validate_chain.isra.38+0xd04/0x1170
[  262.517266]        [<ffffffff810d0e6b>] __lock_acquire+0x62b/0xe80
[  262.517270]        [<ffffffff810d2095>] lock_acquire+0x65/0x90
[  262.517273]        [<ffffffff81a48e3c>] mutex_lock_interruptible_nested+0x6c/0x4b0
[  262.517279]        [<ffffffffa000ddab>] v4l2_m2m_fop_mmap+0x2b/0x90 [v4l2_mem2mem]
[  262.517284]        [<ffffffffa06d80ff>] v4l2_mmap+0x4f/0x90 [videodev]
[  262.517288]        [<ffffffff8116b06c>] mmap_region+0x38c/0x5b0
[  262.517293]        [<ffffffff8116b585>] do_mmap_pgoff+0x2f5/0x3e0
[  262.517297]        [<ffffffff8115932a>] vm_mmap_pgoff+0x8a/0xc0
[  262.517300]        [<ffffffff81169bab>] SyS_mmap_pgoff+0x1cb/0x270
[  262.517304]        [<ffffffff8100876d>] SyS_mmap+0x1d/0x20
[  262.517309]        [<ffffffff81a4d2ee>] entry_SYSCALL_64_fastpath+0x12/0x76
[  262.517313]
               other info that might help us debug this:

[  262.517315]  Possible unsafe locking scenario:

[  262.517318]        CPU0                    CPU1
[  262.517319]        ----                    ----
[  262.517321]   lock(&mm->mmap_sem);
[  262.517324]                                lock(&dev->dev_mutex);
[  262.517327]                                lock(&mm->mmap_sem);
[  262.517329]   lock(&dev->dev_mutex);
[  262.517332]
                *** DEADLOCK ***

Since vb2_fop_mmap doesn't take the lock, neither should v4l2_m2m_fop_mmap.

Signed-off-by: Hans Verkuil <hans.verkuil@cisco.com>
Tested-by: Mikhail Ulyanov <mikhail.ulyanov@cogentembedded.com>
Signed-off-by: Mauro Carvalho Chehab <mchehab@osg.samsung.com>
2015-08-11 06:37:23 -03:00
..
Kconfig Merge branch 'for-next' of git://git.kernel.org/pub/scm/linux/kernel/git/cooloney/linux-leds 2015-07-01 19:09:11 -07:00
Makefile media: Add registration helpers for V4L2 flash sub-devices 2015-06-22 13:53:16 -07:00
tuner-core.c [media] tuner-core: fix compilation if the media controller is not defined 2015-02-26 08:44:04 -03:00
v4l2-async.c v4l: async: Add a pointer to of_node to struct v4l2_subdev, match it 2015-06-15 11:37:05 -07:00
v4l2-clk.c [media] V4L: add CCF support to the v4l2_clk API 2015-04-02 18:33:42 -03:00
v4l2-common.c [media] v4l2-common: move v4l2_ctrl_check to cx2341x 2014-11-25 08:25:36 -02:00
v4l2-compat-ioctl32.c [media] V4L2: fix VIDIOC_CREATE_BUFS 32-bit compatibility mode data copy-back 2014-11-03 15:11:59 -02:00
v4l2-ctrls.c [media] media/v4l2-ctrls: Code cleanout validate_new() 2015-07-06 08:25:52 -03:00
v4l2-dev.c [media] v4l2-dev: disable selection ioctls for non-video devices 2015-04-02 18:30:00 -03:00
v4l2-device.c [media] v4l2-core: remove the old .ioctl BKL replacement 2015-03-02 17:06:56 -03:00
v4l2-dv-timings.c [media] v4l2-dv-timings: print refresh rate with better precision 2015-07-06 08:25:53 -03:00
v4l2-event.c [media] v4l2-event: v4l2_event_queue: do nothing if vdev == NULL 2015-07-17 09:15:27 -03:00
v4l2-fh.c [media] media: v4l2-core: remove the use of V4L2_FL_USE_FH_PRIO flag 2014-07-04 16:14:22 -03:00
v4l2-flash-led-class.c media: Add registration helpers for V4L2 flash sub-devices 2015-06-22 13:53:16 -07:00
v4l2-ioctl.c [media] v4l2-ioctl: log buffer type 0 correctly 2015-06-06 07:43:49 -03:00
v4l2-mem2mem.c [media] v4l2-mem2mem: drop lock in v4l2_m2m_fop_mmap 2015-08-11 06:37:23 -03:00
v4l2-of.c [media] v4l: of: Correct pclk-sample for BT656 bus 2015-06-06 07:27:04 -03:00
v4l2-subdev.c [media] Add helper function for subdev event notifications 2015-07-17 09:45:50 -03:00
videobuf2-core.c [media] videobuf2: add trace events 2015-07-17 12:04:12 -03:00
videobuf2-dma-contig.c [media] Revert "[media] vb2: Push mmap_sem down to memops" 2015-06-18 14:34:22 -03:00
videobuf2-dma-sg.c [media] Revert "[media] vb2: Push mmap_sem down to memops" 2015-06-18 14:34:22 -03:00
videobuf2-dvb.c [media] vb2: Add videobuf2-dvb support 2014-04-16 18:59:29 -03:00
videobuf2-memops.c Revert "[media] v4l: vb2-memops: use vma slab when vma allocation" 2015-04-08 13:17:09 -03:00
videobuf2-vmalloc.c [media] Revert "[media] vb2: Push mmap_sem down to memops" 2015-06-18 14:34:22 -03:00
videobuf-core.c [media] videobuf: fix sparse warnings 2014-11-05 09:07:58 -02:00
videobuf-dma-contig.c [media] videobuf-dma-contig: set vm_pgoff to be zero to pass the sanity check in vm_iomap_memory() 2014-10-24 09:32:41 -02:00
videobuf-dma-sg.c [media] videobuf: make unused exported functions static 2015-01-27 10:01:33 -02:00
videobuf-dvb.c
videobuf-vmalloc.c [media] Revert "[media] videobuf_vm_{open,close} race fixes" 2014-02-04 06:29:46 -02:00